diff options
| author | Joel Kitching <kitching@google.com> | 2019-06-09 12:37:55 +0800 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2020-02-09 11:59:26 +0000 |
| commit | a32d8d67587ec2cfdb4598ef69d8d8763b34f6e8 (patch) | |
| tree | 29a65094ffea26d52ffa73a67fb4fd4d2156bad6 /firmware/lib/vboot_api_kernel.c | |
| parent | 58229e2c77f949976d051387fe17f572802fd708 (diff) | |
| download | vboot-a32d8d67587ec2cfdb4598ef69d8d8763b34f6e8.tar.gz | |
vboot: update vb2api_kernel_phase1 to use GBB interface
vb2api_kernel_phase1 was previously written to read the GBB
headers, locate the recovery key, and then load it. GBB headers
are now saved directly on workbuf in firmware phase. Simply use
the vb2_gbb_read_recovery_key function to retrieve the key.
Update LoadKernel to read kernel subkey from vboot2 workbuf.
Update tests/verify_kernel.c to write subkey to vboot2 workbuf.
BUG=b:124141368, chromium:954774, chromium:1038260
TEST=make clean && make runtests
BRANCH=none
Change-Id: Ia85013da34bdab68bf486014a3401d48c95b3472
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1651221
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Diffstat (limited to 'firmware/lib/vboot_api_kernel.c')
| -rw-r--r-- | firmware/lib/vboot_api_kernel.c | 34 |
1 files changed, 8 insertions, 26 deletions
diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c index d6fab619..0e2e8fb3 100644 --- a/firmware/lib/vboot_api_kernel.c +++ b/firmware/lib/vboot_api_kernel.c @@ -227,7 +227,6 @@ static vb2_error_t vb2_kernel_setup(struct vb2_context *ctx, VbSelectAndLoadKernelParams *kparams) { struct vb2_shared_data *sd = vb2_get_sd(ctx); - vb2_error_t rv; /* Set selected boot mode in context object. TODO: Confirm that this can be removed with persistent context. */ @@ -251,8 +250,6 @@ static vb2_error_t vb2_kernel_setup(struct vb2_context *ctx, if (sd->flags & VB2_SD_FLAG_MANUAL_RECOVERY) shared->flags |= VBSD_BOOT_REC_SWITCH_ON; - vb2_nv_init(ctx); - /* * Save a pointer to the old vboot1 shared data, since we haven't * finished porting the library to use the new vb2 context and shared @@ -275,29 +272,6 @@ static vb2_error_t vb2_kernel_setup(struct vb2_context *ctx, kparams->flags = 0; memset(kparams->partition_guid, 0, sizeof(kparams->partition_guid)); - /* - * Init secdata_kernel and secdata_fwmp spaces. No need to init - * secdata_firmware, since it was already read during firmware - * verification. Ignore errors in recovery mode. - */ - rv = vb2_secdata_kernel_init(ctx); - if (rv && !(ctx->flags & VB2_CONTEXT_RECOVERY_MODE)) { - VB2_DEBUG("TPM: init secdata_kernel returned %#x\n", rv); - vb2api_fail(ctx, VB2_RECOVERY_SECDATA_KERNEL_INIT, rv); - return rv; - } - rv = vb2_secdata_fwmp_init(ctx); - if (rv && !(ctx->flags & VB2_CONTEXT_RECOVERY_MODE)) { - VB2_DEBUG("TPM: init secdata_fwmp returned %#x\n", rv); - vb2api_fail(ctx, VB2_RECOVERY_SECDATA_FWMP_INIT, rv); - return rv; - } - - /* Read kernel version from the TPM. */ - shared->kernel_version_tpm = - vb2_secdata_kernel_get(ctx, VB2_SECDATA_KERNEL_VERSIONS); - shared->kernel_version_tpm_start = shared->kernel_version_tpm; - return VB2_SUCCESS; } @@ -367,10 +341,18 @@ vb2_error_t VbSelectAndLoadKernel(struct vb2_context *ctx, struct vb2_shared_data *sd = vb2_get_sd(ctx); vb2_error_t rv, call_rv; + /* Init nvstorage space. TODO(kitching): Remove once we add assertions + to vb2_nv_get and vb2_nv_set. */ + vb2_nv_init(ctx); + rv = vb2_kernel_setup(ctx, shared, kparams); if (rv) goto VbSelectAndLoadKernel_exit; + rv = vb2api_kernel_phase1(ctx); + if (rv) + goto VbSelectAndLoadKernel_exit; + VB2_DEBUG("GBB flags are %#x\n", vb2_get_gbb(ctx)->flags); /* |